scottk/kubernetes
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/kubernetes.git synced 2025-11-04 04:08:16 +00:00
Code Issues Packages Projects Releases Wiki Activity

Filter nodePortAddresses to the proxiers.

Browse Source 
Log a warning for addresses of wrong family.
This commit is contained in:
Lars Ekman
2020-04-12 20:19:22 +02:00
parent 96e13de777
commit f54b8f98b9
2 changed files with 17 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
pkg/proxy/iptables/proxier.go
View File

@@ -290,6 +290,11 @@ func NewProxier(ipt utiliptables.Interface,
serviceHealthServer := healthcheck.NewServiceHealthServer(hostname, recorder)
isIPv6 := ipt.IsIPv6()
var incorrectAddresses []string
nodePortAddresses, incorrectAddresses = utilproxy.FilterIncorrectCIDRVersion(nodePortAddresses, isIPv6)
if len(incorrectAddresses) > 0 {
klog.Warning("NodePortAddresses of wrong family; ", incorrectAddresses)
}
proxier := &Proxier{
portsMap: make(map[utilproxy.LocalPort]utilproxy.Closeable),
serviceMap: make(proxy.ServiceMap),
@@ -357,16 +362,17 @@ func NewDualStackProxier(
nodePortAddresses []string,
) (proxy.Provider, error) {
// Create an ipv4 instance of the single-stack proxier
nodePortAddresses4, nodePortAddresses6 := utilproxy.FilterIncorrectCIDRVersion(nodePortAddresses, false)
ipv4Proxier, err := NewProxier(ipt[0], sysctl,
exec, syncPeriod, minSyncPeriod, masqueradeAll, masqueradeBit, localDetectors[0], hostname,
nodeIP[0], recorder, healthzServer, nodePortAddresses)
nodeIP[0], recorder, healthzServer, nodePortAddresses4)
if err != nil {
return nil, fmt.Errorf("unable to create ipv4 proxier: %v", err)
}
ipv6Proxier, err := NewProxier(ipt[1], sysctl,
exec, syncPeriod, minSyncPeriod, masqueradeAll, masqueradeBit, localDetectors[1], hostname,
nodeIP[1], recorder, healthzServer, nodePortAddresses)
nodeIP[1], recorder, healthzServer, nodePortAddresses6)
if err != nil {
return nil, fmt.Errorf("unable to create ipv6 proxier: %v", err)
}

11
pkg/proxy/ipvs/proxier.go
View File

@@ -433,6 +433,11 @@ func NewProxier(ipt utiliptables.Interface,
endpointSlicesEnabled := utilfeature.DefaultFeatureGate.Enabled(features.EndpointSliceProxying)
var incorrectAddresses []string
nodePortAddresses, incorrectAddresses = utilproxy.FilterIncorrectCIDRVersion(nodePortAddresses, isIPv6)
if len(incorrectAddresses) > 0 {
klog.Warning("NodePortAddresses of wrong family; ", incorrectAddresses)
}
proxier := &Proxier{
portsMap: make(map[utilproxy.LocalPort]utilproxy.Closeable),
serviceMap: make(proxy.ServiceMap),
@@ -509,12 +514,14 @@ func NewDualStackProxier(
safeIpset := newSafeIpset(ipset)
nodePortAddresses4, nodePortAddresses6 := utilproxy.FilterIncorrectCIDRVersion(nodePortAddresses, false)
// Create an ipv4 instance of the single-stack proxier
ipv4Proxier, err := NewProxier(ipt[0], ipvs, safeIpset, sysctl,
exec, syncPeriod, minSyncPeriod, filterCIDRs(false, excludeCIDRs), strictARP,
tcpTimeout, tcpFinTimeout, udpTimeout, masqueradeAll, masqueradeBit,
localDetectors[0], hostname, nodeIP[0],
recorder, healthzServer, scheduler, nodePortAddresses, kernelHandler)
recorder, healthzServer, scheduler, nodePortAddresses4, kernelHandler)
if err != nil {
return nil, fmt.Errorf("unable to create ipv4 proxier: %v", err)
}
@@ -523,7 +530,7 @@ func NewDualStackProxier(
exec, syncPeriod, minSyncPeriod, filterCIDRs(true, excludeCIDRs), strictARP,
tcpTimeout, tcpFinTimeout, udpTimeout, masqueradeAll, masqueradeBit,
localDetectors[1], hostname, nodeIP[1],
nil, nil, scheduler, nodePortAddresses, kernelHandler)
nil, nil, scheduler, nodePortAddresses6, kernelHandler)
if err != nil {
return nil, fmt.Errorf("unable to create ipv6 proxier: %v", err)
}